diff options
Diffstat (limited to 'plugins/omemo/src/file_transfer')
-rw-r--r-- | plugins/omemo/src/file_transfer/file_decryptor.vala | 89 | ||||
-rw-r--r-- | plugins/omemo/src/file_transfer/file_encryptor.vala | 74 | ||||
-rw-r--r-- | plugins/omemo/src/file_transfer/file_provider.vala | 168 | ||||
-rw-r--r-- | plugins/omemo/src/file_transfer/file_sender.vala | 108 |
4 files changed, 163 insertions, 276 deletions
diff --git a/plugins/omemo/src/file_transfer/file_decryptor.vala b/plugins/omemo/src/file_transfer/file_decryptor.vala new file mode 100644 index 00000000..dcb65301 --- /dev/null +++ b/plugins/omemo/src/file_transfer/file_decryptor.vala @@ -0,0 +1,89 @@ +using Dino.Entities; + +using Signal; + +namespace Dino.Plugins.Omemo { + +public class OmemoHttpFileReceiveData : HttpFileReceiveData { + public string original_url; +} + +public class OmemoFileDecryptor : FileDecryptor, Object { + + private Regex url_regex = /^aesgcm:\/\/(.*)#(([A-Fa-f0-9]{2}){48}|([A-Fa-f0-9]{2}){44})$/; + + public FileReceiveData prepare_get_meta_info(Conversation conversation, FileTransfer file_transfer, FileReceiveData receive_data) { + HttpFileReceiveData? http_receive_data = receive_data as HttpFileReceiveData; + if (http_receive_data == null) assert(false); +// if ((receive_data as OmemoHttpFileReceiveData) != null) return receive_data; + + var omemo_http_receive_data = new OmemoHttpFileReceiveData(); + omemo_http_receive_data.url = aesgcm_to_https_link(http_receive_data.url); + omemo_http_receive_data.original_url = http_receive_data.url; + + return omemo_http_receive_data; + } + + public FileMeta prepare_download_file(Conversation conversation, FileTransfer file_transfer, FileReceiveData receive_data, FileMeta file_meta) { + if (file_meta.file_name != null) { + file_meta.file_name = file_meta.file_name.split("#")[0]; + } + return file_meta; + } + + public bool can_decrypt_file(Conversation conversation, FileTransfer file_transfer, FileReceiveData receive_data) { + HttpFileReceiveData? http_file_receive = receive_data as HttpFileReceiveData; + if (http_file_receive == null) return false; + + return this.url_regex.match(http_file_receive.url) || (receive_data as OmemoHttpFileReceiveData) != null; + } + + public async InputStream decrypt_file(InputStream encrypted_stream, Conversation conversation, FileTransfer file_transfer, FileReceiveData receive_data) { + OmemoHttpFileReceiveData? omemo_http_receive_data = receive_data as OmemoHttpFileReceiveData; + if (omemo_http_receive_data == null) assert(false); + + // Decode IV and key + MatchInfo match_info; + this.url_regex.match(omemo_http_receive_data.original_url, 0, out match_info); + uint8[] iv_and_key = hex_to_bin(match_info.fetch(2).up()); + uint8[] iv, key; + if (iv_and_key.length == 44) { + iv = iv_and_key[0:12]; + key = iv_and_key[12:44]; + } else { + iv = iv_and_key[0:16]; + key = iv_and_key[16:48]; + } + + // Read data + uint8[] buf = new uint8[256]; + Array<uint8> data = new Array<uint8>(false, true, 0); + size_t len = -1; + do { + len = yield encrypted_stream.read_async(buf); + data.append_vals(buf, (uint) len); + } while(len > 0); + + // Decrypt + uint8[] cleartext = Signal.aes_decrypt(Cipher.AES_GCM_NOPADDING, key, iv, data.data); + file_transfer.encryption = Encryption.OMEMO; + return new MemoryInputStream.from_data(cleartext); + } + + private uint8[] hex_to_bin(string hex) { + uint8[] bin = new uint8[hex.length / 2]; + const string HEX = "0123456789ABCDEF"; + for (int i = 0; i < hex.length / 2; i++) { + bin[i] = (uint8) (HEX.index_of_char(hex[i*2]) << 4) | HEX.index_of_char(hex[i*2+1]); + } + return bin; + } + + private string aesgcm_to_https_link(string aesgcm_link) { + MatchInfo match_info; + this.url_regex.match(aesgcm_link, 0, out match_info); + return "https://" + match_info.fetch(1); + } +} + +} diff --git a/plugins/omemo/src/file_transfer/file_encryptor.vala b/plugins/omemo/src/file_transfer/file_encryptor.vala new file mode 100644 index 00000000..a5445153 --- /dev/null +++ b/plugins/omemo/src/file_transfer/file_encryptor.vala @@ -0,0 +1,74 @@ +using Gee; +using Gtk; + +using Dino.Entities; +using Xmpp; +using Signal; + +namespace Dino.Plugins.Omemo { + +public class OmemoHttpFileMeta : HttpFileMeta { + public uint8[] iv; + public uint8[] key; +} + +public class OmemoFileEncryptor : Dino.FileEncryptor, Object { + + public bool can_encrypt_file(Conversation conversation, FileTransfer file_transfer) { + return file_transfer.encryption == Encryption.OMEMO; + } + + public FileMeta encrypt_file(Conversation conversation, FileTransfer file_transfer) throws FileSendError { + var omemo_http_file_meta = new OmemoHttpFileMeta(); + + try { + uint8[] buf = new uint8[256]; + Array<uint8> data = new Array<uint8>(false, true, 0); + size_t len = -1; + do { + len = file_transfer.input_stream.read(buf); + data.append_vals(buf, (uint) len); + } while(len > 0); + + //Create a key and use it to encrypt the file + uint8[] iv = new uint8[16]; + Plugin.get_context().randomize(iv); + uint8[] key = new uint8[32]; + Plugin.get_context().randomize(key); + uint8[] ciphertext = aes_encrypt(Cipher.AES_GCM_NOPADDING, key, iv, data.data); + + omemo_http_file_meta.iv = iv; + omemo_http_file_meta.key = key; + omemo_http_file_meta.size = ciphertext.length; + omemo_http_file_meta.mime_type = "pgp"; + file_transfer.input_stream = new MemoryInputStream.from_data(ciphertext, GLib.free); + } catch (Error error) { + throw new FileSendError.ENCRYPTION_FAILED("HTTP upload: Error encrypting stream: %s".printf(error.message)); + } + + return omemo_http_file_meta; + } + + public FileSendData? preprocess_send_file(Conversation conversation, FileTransfer file_transfer, FileSendData file_send_data, FileMeta file_meta) { + HttpFileSendData? send_data = file_send_data as HttpFileSendData; + if (send_data == null) return null; + + OmemoHttpFileMeta? omemo_http_file_meta = file_meta as OmemoHttpFileMeta; + if (omemo_http_file_meta == null) return null; + + // Convert iv and key to hex + string iv_and_key = ""; + foreach (uint8 byte in omemo_http_file_meta.iv) iv_and_key += byte.to_string("%02x"); + foreach (uint8 byte in omemo_http_file_meta.key) iv_and_key += byte.to_string("%02x"); + + string aesgcm_link = send_data.url_down + "#" + iv_and_key; + aesgcm_link = "aesgcm://" + aesgcm_link.substring(8); // replace https:// by aesgcm:// + + send_data.url_down = aesgcm_link; + send_data.encrypt_message = true; + + return file_send_data; + } +} + +} diff --git a/plugins/omemo/src/file_transfer/file_provider.vala b/plugins/omemo/src/file_transfer/file_provider.vala deleted file mode 100644 index 938ec0cf..00000000 --- a/plugins/omemo/src/file_transfer/file_provider.vala +++ /dev/null @@ -1,168 +0,0 @@ -using Gee; -using Gtk; - -using Dino.Entities; -using Xmpp; -using Signal; - -namespace Dino.Plugins.Omemo { - -public class FileProvider : Dino.FileProvider, Object { - public string id { get { return "aesgcm"; } } - - private StreamInteractor stream_interactor; - private Dino.Database dino_db; - private Regex url_regex; - - public FileProvider(StreamInteractor stream_interactor, Dino.Database dino_db) { - this.stream_interactor = stream_interactor; - this.dino_db = dino_db; - this.url_regex = /^aesgcm:\/\/(.*)#(([A-Fa-f0-9]{2}){48}|([A-Fa-f0-9]{2}){44})$/; - - stream_interactor.get_module(MessageProcessor.IDENTITY).received_pipeline.connect(new ReceivedMessageListener(this)); - } - - private class ReceivedMessageListener : MessageListener { - - public string[] after_actions_const = new string[]{ "STORE" }; - public override string action_group { get { return ""; } } - public override string[] after_actions { get { return after_actions_const; } } - - private FileProvider outer; - private StreamInteractor stream_interactor; - - public ReceivedMessageListener(FileProvider outer) { - this.outer = outer; - this.stream_interactor = outer.stream_interactor; - } - - public override async bool run(Entities.Message message, Xmpp.MessageStanza stanza, Conversation conversation) { - if (message.body.has_prefix("aesgcm://") && outer.url_regex.match(message.body)) { - yield outer.on_file_message(message, conversation); - } - return false; - } - } - - private async void on_file_message(Entities.Message message, Conversation conversation) { - MatchInfo match_info; - this.url_regex.match(message.body, 0, out match_info); - string url_without_hash = match_info.fetch(1); - - FileTransfer file_transfer = new FileTransfer(); - file_transfer.account = conversation.account; - file_transfer.counterpart = message.counterpart; - file_transfer.ourpart = message.ourpart; - file_transfer.encryption = Encryption.NONE; - file_transfer.time = message.time; - file_transfer.local_time = message.local_time; - file_transfer.direction = message.direction; - file_transfer.file_name = url_without_hash.substring(url_without_hash.last_index_of("/") + 1); - file_transfer.size = -1; - file_transfer.state = FileTransfer.State.NOT_STARTED; - file_transfer.provider = 0; - file_transfer.info = message.id.to_string(); - - if (stream_interactor.get_module(FileManager.IDENTITY).is_sender_trustworthy(file_transfer, conversation)) { - yield get_meta_info(file_transfer); - if (file_transfer.size >= 0 && file_transfer.size < 5000000) { - ContentItem? content_item = stream_interactor.get_module(ContentItemStore.IDENTITY).get_item(conversation, 1, message.id); - if (content_item != null) { - stream_interactor.get_module(ContentItemStore.IDENTITY).set_item_hide(content_item, true); - } - } - file_incoming(file_transfer, conversation); - } - } - - public async void get_meta_info(FileTransfer file_transfer) { - string url_body = dino_db.message.select({dino_db.message.body}).with(dino_db.message.id, "=", int.parse(file_transfer.info))[dino_db.message.body]; - string url = this.aesgcm_to_https_link(url_body); - var session = new Soup.Session(); - var head_message = new Soup.Message("HEAD", url); - if (head_message != null) { - yield session.send_async(head_message, null); - - if (head_message.status_code >= 200 && head_message.status_code < 300) { - string? content_type = null, content_length = null; - head_message.response_headers.foreach((name, val) => { - if (name == "Content-Type") content_type = val; - if (name == "Content-Length") content_length = val; - }); - file_transfer.mime_type = content_type; - if (content_length != null) { - file_transfer.size = int.parse(content_length); - } - } else { - warning("HTTP HEAD download status code " + head_message.status_code.to_string()); - } - } - } - - public async void download(FileTransfer file_transfer, File file) { - try { - string url_body = dino_db.message.select({dino_db.message.body}).with(dino_db.message.id, "=", int.parse(file_transfer.info))[dino_db.message.body]; - string url = this.aesgcm_to_https_link(url_body); - var session = new Soup.Session(); - Soup.Request request = session.request(url); - - file_transfer.input_stream = yield decrypt_file(yield request.send_async(null), url_body); - file_transfer.encryption = Encryption.OMEMO; - - OutputStream os = file.create(FileCreateFlags.REPLACE_DESTINATION); - yield os.splice_async(file_transfer.input_stream, 0); - os.close(); - file_transfer.path = file.get_basename(); - file_transfer.input_stream = yield file.read_async(); - - file_transfer.state = FileTransfer.State.COMPLETE; - } catch (Error e) { - file_transfer.state = FileTransfer.State.FAILED; - } - } - - public async InputStream? decrypt_file(InputStream input_stream, string url) { - // Decode IV and key - MatchInfo match_info; - this.url_regex.match(url, 0, out match_info); - uint8[] iv_and_key = hex_to_bin(match_info.fetch(2).up()); - uint8[] iv, key; - if (iv_and_key.length == 44) { - iv = iv_and_key[0:12]; - key = iv_and_key[12:44]; - } else { - iv = iv_and_key[0:16]; - key = iv_and_key[16:48]; - } - - // Read data - uint8[] buf = new uint8[256]; - Array<uint8> data = new Array<uint8>(false, true, 0); - size_t len = -1; - do { - len = yield input_stream.read_async(buf); - data.append_vals(buf, (uint) len); - } while(len > 0); - - // Decrypt - uint8[] cleartext = Signal.aes_decrypt(Cipher.AES_GCM_NOPADDING, key, iv, data.data); - return new MemoryInputStream.from_data(cleartext); - } - - private uint8[] hex_to_bin(string hex) { - uint8[] bin = new uint8[hex.length / 2]; - const string HEX = "0123456789ABCDEF"; - for (int i = 0; i < hex.length / 2; i++) { - bin[i] = (uint8) (HEX.index_of_char(hex[i*2]) << 4) | HEX.index_of_char(hex[i*2+1]); - } - return bin; - } - - private string aesgcm_to_https_link(string aesgcm_link) { - MatchInfo match_info; - this.url_regex.match(aesgcm_link, 0, out match_info); - return "https://" + match_info.fetch(1); - } -} - -} diff --git a/plugins/omemo/src/file_transfer/file_sender.vala b/plugins/omemo/src/file_transfer/file_sender.vala deleted file mode 100644 index b63d3dc5..00000000 --- a/plugins/omemo/src/file_transfer/file_sender.vala +++ /dev/null @@ -1,108 +0,0 @@ -using Dino.Entities; -using Gee; -using Signal; -using Xmpp; - -namespace Dino.Plugins.Omemo { - -public class AesGcmFileSender : StreamInteractionModule, FileSender, Object { - public static ModuleIdentity<Manager> IDENTITY = new ModuleIdentity<Manager>("http_files"); - public string id { get { return IDENTITY.id; } } - - - private StreamInteractor stream_interactor; - private HashMap<Account, long> max_file_sizes = new HashMap<Account, long>(Account.hash_func, Account.equals_func); - - public AesGcmFileSender(StreamInteractor stream_interactor) { - this.stream_interactor = stream_interactor; - - stream_interactor.stream_negotiated.connect(on_stream_negotiated); - } - - public void send_file(Conversation conversation, FileTransfer file_transfer) { - Xmpp.XmppStream? stream = stream_interactor.get_stream(file_transfer.account); - uint8[] buf = new uint8[256]; - Array<uint8> data = new Array<uint8>(false, true, 0); - size_t len = -1; - do { - try { - len = file_transfer.input_stream.read(buf); - } catch (IOError error) { - warning(@"HTTP upload: IOError reading stream: $(error.message)"); - file_transfer.state = FileTransfer.State.FAILED; - } - data.append_vals(buf, (uint) len); - } while(len > 0); - - //Create a key and use it to encrypt the file - uint8[] iv = new uint8[16]; - Plugin.get_context().randomize(iv); - uint8[] key = new uint8[32]; - Plugin.get_context().randomize(key); - uint8[] ciphertext = aes_encrypt(Cipher.AES_GCM_NOPADDING, key, iv, data.data); - - // Convert iv and key to hex - string iv_and_key = ""; - foreach (uint8 byte in iv) iv_and_key += byte.to_string("%02x"); - foreach (uint8 byte in key) iv_and_key += byte.to_string("%02x"); - - stream_interactor.module_manager.get_module(file_transfer.account, Xmpp.Xep.HttpFileUpload.Module.IDENTITY).request_slot(stream, file_transfer.server_file_name, (int) ciphertext.length, file_transfer.mime_type, - (stream, url_down, url_up) => { - Soup.Message message = new Soup.Message("PUT", url_up); - message.set_request(file_transfer.mime_type, Soup.MemoryUse.COPY, ciphertext); - Soup.Session session = new Soup.Session(); - session.send_async.begin(message, null, (obj, res) => { - try { - session.send_async.end(res); - if (message.status_code >= 200 && message.status_code < 300) { - string aesgcm_link = url_down + "#" + iv_and_key; - aesgcm_link = "aesgcm://" + aesgcm_link.substring(8); // replace https:// by aesgcm:// - - file_transfer.info = aesgcm_link; // store the message content temporarily so the message gets filtered out - Entities.Message xmpp_message = stream_interactor.get_module(MessageProcessor.IDENTITY).create_out_message(aesgcm_link, conversation); - xmpp_message.encryption = Encryption.OMEMO; - stream_interactor.get_module(MessageProcessor.IDENTITY).send_message(xmpp_message, conversation); - file_transfer.info = xmpp_message.id.to_string(); - - ContentItem? content_item = stream_interactor.get_module(ContentItemStore.IDENTITY).get_item(conversation, 1, xmpp_message.id); - if (content_item != null) { - stream_interactor.get_module(ContentItemStore.IDENTITY).set_item_hide(content_item, true); - } - } else { - warning("HTTP upload status code " + message.status_code.to_string()); - file_transfer.state = FileTransfer.State.FAILED; - } - } catch (Error e) { - warning("HTTP upload error: " + e.message); - file_transfer.state = FileTransfer.State.FAILED; - } - }); - }, - (stream, error) => { - warning("HTTP upload error: " + error); - file_transfer.state = FileTransfer.State.FAILED; - } - ); - } - - public bool can_send(Conversation conversation, FileTransfer file_transfer) { - return file_transfer.encryption == Encryption.OMEMO; - } - - public bool is_upload_available(Conversation conversation) { - lock (max_file_sizes) { - return max_file_sizes.has_key(conversation.account); - } - } - - private void on_stream_negotiated(Account account, XmppStream stream) { - stream_interactor.module_manager.get_module(account, Xmpp.Xep.HttpFileUpload.Module.IDENTITY).feature_available.connect((stream, max_file_size) => { - lock (max_file_sizes) { - max_file_sizes[account] = max_file_size; - } - upload_available(account); - }); - } -} - -} |